Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Set-up.exe
|
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_6529d8499c11cd4f9e25b8c1dc6756637128dac_19d51899_09214adb-9fd0-44c0-a0e9-1d32bf30b89f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_6529d8499c11cd4f9e25b8c1dc6756637128dac_19d51899_839c2440-3000-4f8a-b3ac-c02cf614e8a6\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_6529d8499c11cd4f9e25b8c1dc6756637128dac_19d51899_9075c3c4-a6e6-45ed-ade9-137bd9ff37d2\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_653df720363a23f9fbf1c3440f42767b874ec_19d51899_3be725a7-7bec-402d-912c-5b6e1b4103ce\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_653df720363a23f9fbf1c3440f42767b874ec_19d51899_c2374def-a73f-4e01-95b4-340ccaa2b026\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_chrome.exe_653df720363a23f9fbf1c3440f42767b874ec_19d51899_d5b0c01f-b54c-461f-bcf0-11216f7d913a\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_6e7a37746f818a347830ea1e976120e73daecf72_75709460_5165434c-287c-474f-a884-9d1a74be8407\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_6e7a37746f818a347830ea1e976120e73daecf72_75709460_b01ff826-0a9d-4c99-9877-b3edef4f4d6f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_6e7a37746f818a347830ea1e976120e73daecf72_75709460_b102db5d-74bf-4bf9-9096-aa63fdbc572a\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_b2183e612ae09e2d847ad213d2fdf44b96d97240_75709460_6cc951a1-00ca-4995-8233-9f6060a8e2f7\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_b2183e612ae09e2d847ad213d2fdf44b96d97240_75709460_7e0abad9-a362-4765-a520-880ef44139fd\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_msedge.exe_b2183e612ae09e2d847ad213d2fdf44b96d97240_75709460_ce6506a8-9fc7-42cc-ba07-4b1639dcbce0\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6B32.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:31 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6BA0.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6BDF.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7071.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:32 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER70B1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER70E1.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7757.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:34 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER77C5.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER77F5.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7B8D.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:35 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7BCD.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C0C.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER89B6.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:39 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER89F6.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8A25.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8BAA.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:39 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8C09.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8C29.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER90DA.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:40 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9129.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9188.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER938A.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:41 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER93C9.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9428.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA53D.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:46 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA58C.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA5BC.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA992.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:47 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA9F1.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERAA21.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB105.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:49 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB134.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB155.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB51B.tmp.dmp
|
Mini DuMP crash report, 14 streams, Sat May 10 06:05:50 2025, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB599.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB5F8.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 40 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Set-up.exe
|
"C:\Users\user\Desktop\Set-up.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\elevation_service.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\elevation_service.exe"
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5760 -s 144
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5760 -s 204
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 1380 -s 224
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 1380 -s 92
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2444 -s 152
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2444 -s 92
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3832 -s 228
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3832 -s 92
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4544 -s 144
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4544 -s 92
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4988 -s 224
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 4988 -s 92
|
There are 12 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mcrsftuptade.pro/Up/g
|
188.114.96.3
|
|
|
|
http://mcrsftuptade.pro/Up/p
|
188.114.96.3
|
|
|
|
http://mcrsftuptade.pro/Up/b
|
188.114.96.3
|
|
|
|
http://mcrsftuptade.pro/ujs/f1575b64-8492-4e8b-b102-4d26e8c70371
|
188.114.96.3
|
|
|
|
http://mcrsftuptade.pro/Up
|
188.114.96.3
|
|
|
|
http://acs.amazonaws.com/groups/global/AllUsers
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.fsf.org/
|
unknown
|
||
|
http://169.254.169.254/latest/meta-data/iam/security-credentials/Retrieving
|
unknown
|
||
|
http://h1.coldwalk.top/sh.ext.exe.bin
|
unknown
|
||
|
https://jrsoftware.org/tb2kdl.php
|
unknown
|
||
|
https://winscp.net/eng/docs/?ver=%s&lang=%s-https://winscp.net/eng/docs/%s?ver=%s&lang=%s
|
unknown
|
||
|
http://webdav.org/neon/hooks/webdav-lockingHas
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://webdav.org/neon/hooks/webdav-lockinghttp://webdav.org/neon/hooks/webdav-lockingLocked
|
unknown
|
||
|
https://winscp.net/eng/donate.php
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
http://webdav.org/neon/hooks/server-authhttp://webdav.org/neon/hooks/proxy-authhttp://webdav.org/neo
|
unknown
|
||
|
http://www.webdav.org/neon/hooks/http-redirecthttp://www.webdav.org/neon/hooks/http-redirectAborted
|
unknown
|
||
|
http://webdav.org/neon/hooks/proxy-auth
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_alldp.ico
|
unknown
|
||
|
http://www.borland.com/namespaces/Types
|
unknown
|
||
|
https://www.chiark.greenend.org.uk/~sgtatham/putty/
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://acs.amazonaws.com/groups/s3/LogDelivery
|
unknown
|
||
|
https://winscp.net/#https://winscp.net/eng/docs/history
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
http://apache.org/dav/propset/fs/1
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtabv209h
|
unknown
|
||
|
https://winscp.net/updates.php#https://winscp.net/eng/download.php
|
unknown
|
||
|
https://www.gnu.org/licenses/why-not-lgpl.html
|
unknown
|
||
|
http://webdav.org/neon/hooks/proxy-authProxy-AuthorizationProxy-AuthenticateProxy-Authentication-Inf
|
unknown
|
||
|
http://webdav.org/neon/hooks/webdav-locking
|
unknown
|
||
|
http://apache.org/dav/props/T
|
unknown
|
||
|
http://www.webdav.org/neon/hooks/http-redirect
|
unknown
|
||
|
http://h1.coldwalk.top/amshm.bin
|
unknown
|
||
|
http://www.webdav.org/neon/hooks/http-passport-req
|
unknown
|
||
|
http://XXXXXXwinscp.net/
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/encoding/
|
unknown
|
||
|
https://openssl-library.org/)WebDAV/HTTP
|
unknown
|
||
|
https://www.gnu.org/licenses/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
http://crl.rootca1.amazontrust.com/rootca1.crl0
|
unknown
|
||
|
https://ac.ecosia.org?q=
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://ocsp.rootca1.amazontrust.com0:
|
unknown
|
||
|
https://jcl.delphi-jedi.org/
|
unknown
|
||
|
http://www.webdav.org/neon/hooks/http-passport-reqWWW-AuthenticatePassport1.4Passport1.4http://www.w
|
unknown
|
||
|
http://webdav.org/neon/hooks/server-auth
|
unknown
|
||
|
https://www.ecosia.org/newtab/v20
|
unknown
|
||
|
http://XXXXwinscp.net/forum/
|
unknown
|
||
|
https://github.com/bji/libs30https://github.com/bji/libs3/blob/master/LICENSE$Error
|
unknown
|
||
|
https://winscp.net/D
|
unknown
|
||
|
http://crt.rootca1.amazontrust.com/rootca1.cer0?
|
unknown
|
||
|
https://github.com/UweRaabe/PngComponents
|
unknown
|
||
|
https://winscp.net/forum/
|
unknown
|
||
|
http://winscp.net/schema/session/1.0
|
unknown
|
||
|
http://apache.org/dav/props/
|
unknown
|
||
|
http://webdav.org/neon/hooks/server-authAuthorizationWWW-AuthenticateAuthentication-InfoCould
|
unknown
|
||
|
http://webdav.org/neon/hooks/webdav-lockinghttp://webdav.org/neon/hooks/webdav-lockinglock:
|
unknown
|
||
|
https://winscp.net/eng/translations.php:https://winscp.net/eng/docs/search.php?ver=%s&lang=%s&q=%sKh
|
unknown
|
||
|
http://acs.amazonaws.com/groups/global/AuthenticatedUsers
|
unknown
|
||
|
https://notroj.github.io/neon/
|
unknown
|
||
|
https://filezilla-project.org/bThis
|
unknown
|
||
|
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
|
unknown
|
||
|
https://gemini.google.com/app?q=
|
unknown
|
||
|
http://h1.coldwalk.top/shark.bin
|
unknown
|
||
|
https://github.com/plashenkov/TBX
|
unknown
|
There are 59 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
pki-goog.l.google.com
|
142.250.68.227
|
||
|
c.pki.goog
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
unknown
|
European Union
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
failed_count
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
failed_count
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
failed_count
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
296E000
|
stack
|
page read and write
|
||
|
4F74000
|
trusted library allocation
|
page read and write
|
||
|
743800294000
|
trusted library allocation
|
page read and write
|
||
|
772C00274000
|
trusted library allocation
|
page read and write
|
||
|
10AA0000
|
trusted library allocation
|
page read and write
|
||
|
21C4022E000
|
heap
|
page read and write
|
||
|
480F000
|
stack
|
page read and write
|
||
|
1BEE000
|
unkown
|
page write copy
|
||
|
1C72B180000
|
remote allocation
|
page execute and read and write
|
||
|
4E18000
|
trusted library allocation
|
page read and write
|
||
|
10B27000
|
trusted library allocation
|
page read and write
|
||
|
743800238000
|
trusted library allocation
|
page read and write
|
||
|
505F000
|
trusted library allocation
|
page read and write
|
||
|
4EC6000
|
trusted library allocation
|
page read and write
|
||
|
10C6B000
|
trusted library allocation
|
page read and write
|
||
|
14384260000
|
heap
|
page read and write
|
||
|
772C00220000
|
trusted library allocation
|
page read and write
|
||
|
11517FB000
|
stack
|
page read and write
|
||
|
256400220000
|
trusted library allocation
|
page read and write
|
||
|
10C74000
|
trusted library allocation
|
page read and write
|
||
|
10A74000
|
trusted library allocation
|
page read and write
|
||
|
1C72B21A000
|
heap
|
page read and write
|
||
|
2672000
|
direct allocation
|
page read and write
|
||
|
7438002B8000
|
trusted library allocation
|
page read and write
|
||
|
772C00250000
|
trusted library allocation
|
page read and write
|
||
|
10A6E000
|
trusted library allocation
|
page read and write
|
||
|
4F4A000
|
trusted library allocation
|
page read and write
|
||
|
1FB4001A000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
3BB000098000
|
trusted library allocation
|
page read and write
|
||
|
10C82000
|
trusted library allocation
|
page read and write
|
||
|
4E65000
|
trusted library allocation
|
page read and write
|
||
|
10B10000
|
trusted library allocation
|
page read and write
|
||
|
772C00238000
|
trusted library allocation
|
page read and write
|
||
|
10ADF000
|
trusted library allocation
|
page read and write
|
||
|
772C002B8000
|
trusted library allocation
|
page read and write
|
||
|
6EB80002C000
|
trusted library allocation
|
page read and write
|
||
|
4C09000
|
trusted library allocation
|
page read and write
|
||
|
4BAE000
|
trusted library allocation
|
page read and write
|
||
|
10CF7000
|
trusted library allocation
|
page read and write
|
||
|
250E3A02000
|
heap
|
page read and write
|
||
|
44D0000
|
heap
|
page read and write
|
||
|
3BB00002C000
|
trusted library allocation
|
page read and write
|
||
|
10A00000
|
trusted library allocation
|
page read and write
|
||
|
27687A30000
|
heap
|
page read and write
|
||
|
10D57000
|
trusted library allocation
|
page read and write
|
||
|
297CF402000
|
heap
|
page read and write
|
||
|
4F72000
|
trusted library allocation
|
page read and write
|
||
|
256400270000
|
trusted library allocation
|
page read and write
|
||
|
1B49000
|
unkown
|
page read and write
|
||
|
10C77000
|
trusted library allocation
|
page read and write
|
||
|
1BE2000
|
unkown
|
page read and write
|
||
|
27687A89000
|
heap
|
page read and write
|
||
|
4E7D000
|
trusted library allocation
|
page read and write
|
||
|
1C72B231000
|
heap
|
page read and write
|
||
|
10CE0000
|
trusted library allocation
|
page read and write
|
||
|
10C60000
|
trusted library allocation
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
10B47000
|
trusted library allocation
|
page read and write
|
||
|
10C7D000
|
trusted library allocation
|
page read and write
|
||
|
10D38000
|
trusted library allocation
|
page read and write
|
||
|
87A45FE000
|
unkown
|
page readonly
|
||
|
27687990000
|
remote allocation
|
page execute and read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
4B6E000
|
trusted library allocation
|
page read and write
|
||
|
2564002B8000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
1FB3FF80000
|
heap
|
page read and write
|
||
|
2564002A0000
|
trusted library allocation
|
page read and write
|
||
|
6EB800098000
|
trusted library allocation
|
page read and write
|
||
|
21C40213000
|
heap
|
page read and write
|
||
|
10EB0000
|
trusted library allocation
|
page read and write
|
||
|
438E000
|
stack
|
page read and write
|
||
|
743800230000
|
trusted library allocation
|
page read and write
|
||
|
6EB800080000
|
trusted library allocation
|
page read and write
|
||
|
10B13000
|
trusted library allocation
|
page read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
10BBB000
|
trusted library allocation
|
page read and write
|
||
|
4E0A000
|
trusted library allocation
|
page read and write
|
||
|
26C3000
|
heap
|
page read and write
|
||
|
743800220000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
6EB800008000
|
trusted library allocation
|
page read and write
|
||
|
26BD000
|
heap
|
page read and write
|
||
|
4BA4000
|
trusted library allocation
|
page read and write
|
||
|
219D0270000
|
remote allocation
|
page execute and read and write
|
||
|
1C72B1E0000
|
heap
|
page read and write
|
||
|
6EB8000A8000
|
trusted library allocation
|
page read and write
|
||
|
48A000098000
|
trusted library allocation
|
page read and write
|
||
|
10CB5000
|
trusted library allocation
|
page read and write
|
||
|
10CF0000
|
trusted library allocation
|
page read and write
|
||
|
297CF390000
|
remote allocation
|
page execute and read and write
|
||
|
772C00288000
|
trusted library allocation
|
page read and write
|
||
|
22EAF8EA000
|
heap
|
page read and write
|
||
|
259C00201000
|
direct allocation
|
page read and write
|
||
|
4DC3000
|
trusted library allocation
|
page read and write
|
||
|
772C00278000
|
trusted library allocation
|
page read and write
|
||
|
5D880002C000
|
trusted library allocation
|
page read and write
|
||
|
494C000
|
stack
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
10CA8000
|
trusted library allocation
|
page read and write
|
||
|
21C401D0000
|
remote allocation
|
page execute and read and write
|
||
|
10CC0000
|
trusted library allocation
|
page read and write
|
||
|
29C4002B4000
|
trusted library allocation
|
page read and write
|
||
|
743800210000
|
trusted library allocation
|
page read and write
|
||
|
6EB800054000
|
trusted library allocation
|
page read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
FD881FC000
|
stack
|
page read and write
|
||
|
256400260000
|
trusted library allocation
|
page read and write
|
||
|
10CC3000
|
trusted library allocation
|
page read and write
|
||
|
A951AFD000
|
stack
|
page read and write
|
||
|
48A00002C000
|
trusted library allocation
|
page read and write
|
||
|
10AF7000
|
trusted library allocation
|
page read and write
|
||
|
48A000080000
|
trusted library allocation
|
page read and write
|
||
|
4CD9000
|
trusted library allocation
|
page read and write
|
||
|
D46000
|
unkown
|
page execute read
|
||
|
256400238000
|
trusted library allocation
|
page read and write
|
||
|
10AF0000
|
trusted library allocation
|
page read and write
|
||
|
297CF600000
|
heap
|
page read and write
|
||
|
1BEF000
|
unkown
|
page readonly
|
||
|
3BB00003C000
|
trusted library allocation
|
page read and write
|
||
|
250E3A00000
|
heap
|
page read and write
|
||
|
250E3A54000
|
heap
|
page read and write
|
||
|
470E000
|
stack
|
page read and write
|
||
|
1438427A000
|
heap
|
page read and write
|
||
|
48A000018000
|
trusted library allocation
|
page read and write
|
||
|
276879F0000
|
heap
|
page read and write
|
||
|
259C00270000
|
direct allocation
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
772C002A8000
|
trusted library allocation
|
page read and write
|
||
|
7438002A8000
|
trusted library allocation
|
page read and write
|
||
|
1C72B1B0000
|
heap
|
page read and write
|
||
|
4C5C000
|
trusted library allocation
|
page read and write
|
||
|
10DA7000
|
trusted library allocation
|
page read and write
|
||
|
259C002A0000
|
direct allocation
|
page read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
5D880006C000
|
trusted library allocation
|
page read and write
|
||
|
1FB40002000
|
heap
|
page read and write
|
||
|
10A15000
|
trusted library allocation
|
page read and write
|
||
|
22EAF901000
|
heap
|
page read and write
|
||
|
10C20000
|
trusted library allocation
|
page read and write
|
||
|
10CA7000
|
trusted library allocation
|
page read and write
|
||
|
4E83000
|
trusted library allocation
|
page read and write
|
||
|
4DC8000
|
trusted library allocation
|
page read and write
|
||
|
29C4002A0000
|
trusted library allocation
|
page read and write
|
||
|
4D62000
|
trusted library allocation
|
page read and write
|
||
|
1FB40013000
|
heap
|
page read and write
|
||
|
10A15000
|
trusted library allocation
|
page read and write
|
||
|
4D9F000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
4C78000
|
trusted library allocation
|
page read and write
|
||
|
10A10000
|
trusted library allocation
|
page read and write
|
||
|
10A5F000
|
trusted library allocation
|
page read and write
|
||
|
4B9E000
|
trusted library allocation
|
page read and write
|
||
|
4BD1000
|
trusted library allocation
|
page read and write
|
||
|
2691000
|
direct allocation
|
page read and write
|
||
|
256400294000
|
trusted library allocation
|
page read and write
|
||
|
297CF3E0000
|
heap
|
page read and write
|
||
|
10CD0000
|
trusted library allocation
|
page read and write
|
||
|
10C78000
|
trusted library allocation
|
page read and write
|
||
|
10C7D000
|
trusted library allocation
|
page read and write
|
||
|
259C002B4000
|
direct allocation
|
page read and write
|
||
|
22EAFAE0000
|
heap
|
page read and write
|
||
|
5D8800054000
|
trusted library allocation
|
page read and write
|
||
|
10B2D000
|
trusted library allocation
|
page read and write
|
||
|
22EAF8F6000
|
heap
|
page read and write
|
||
|
10CC7000
|
trusted library allocation
|
page read and write
|
||
|
10A57000
|
trusted library allocation
|
page read and write
|
||
|
29C400294000
|
trusted library allocation
|
page read and write
|
||
|
743800260000
|
trusted library allocation
|
page read and write
|
||
|
22EAF8D0000
|
heap
|
page read and write
|
||
|
1FB3FF60000
|
heap
|
page readonly
|
||
|
10CB4000
|
trusted library allocation
|
page read and write
|
||
|
10D30000
|
trusted library allocation
|
page read and write
|
||
|
5D8800058000
|
trusted library allocation
|
page read and write
|
||
|
4E94000
|
trusted library allocation
|
page read and write
|
||
|
4E8E000
|
trusted library allocation
|
page read and write
|
||
|
259C00220000
|
direct allocation
|
page read and write
|
||
|
29C4002A8000
|
trusted library allocation
|
page read and write
|
||
|
219D0458000
|
heap
|
page read and write
|
||
|
256400294000
|
trusted library allocation
|
page read and write
|
||
|
4E10000
|
trusted library allocation
|
page read and write
|
||
|
3BB00006C000
|
trusted library allocation
|
page read and write
|
||
|
10B57000
|
trusted library allocation
|
page read and write
|
||
|
10A17000
|
trusted library allocation
|
page read and write
|
||
|
772C002A8000
|
trusted library allocation
|
page read and write
|
||
|
259C002B8000
|
direct allocation
|
page read and write
|
||
|
4F59000
|
trusted library allocation
|
page read and write
|
||
|
3BB000098000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
10BC2000
|
trusted library allocation
|
page read and write
|
||
|
24FC000
|
stack
|
page read and write
|
||
|
219D0240000
|
remote allocation
|
page execute and read and write
|
||
|
7438002A8000
|
trusted library allocation
|
page read and write
|
||
|
1FB3FF50000
|
heap
|
page read and write
|
||
|
4CA7000
|
trusted library allocation
|
page read and write
|
||
|
1FB3FF20000
|
remote allocation
|
page execute and read and write
|
||
|
10C4A000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
4F67000
|
trusted library allocation
|
page read and write
|
||
|
772C00294000
|
trusted library allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
46CF000
|
stack
|
page read and write
|
||
|
256400230000
|
trusted library allocation
|
page read and write
|
||
|
1C72B1C0000
|
heap
|
page readonly
|
||
|
A951BFE000
|
stack
|
page read and write
|
||
|
5D8800070000
|
trusted library allocation
|
page read and write
|
||
|
A951CFF000
|
stack
|
page read and write
|
||
|
1746000
|
unkown
|
page execute read
|
||
|
2694000
|
direct allocation
|
page readonly
|
||
|
4E16000
|
trusted library allocation
|
page read and write
|
||
|
48A000054000
|
trusted library allocation
|
page read and write
|
||
|
3BB000098000
|
trusted library allocation
|
page read and write
|
||
|
259D000
|
stack
|
page read and write
|
||
|
4F48000
|
trusted library allocation
|
page read and write
|
||
|
10AA0000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
10C83000
|
trusted library allocation
|
page read and write
|
||
|
10D45000
|
trusted library allocation
|
page read and write
|
||
|
10B0D000
|
trusted library allocation
|
page read and write
|
||
|
10BD2000
|
trusted library allocation
|
page read and write
|
||
|
219D0450000
|
heap
|
page read and write
|
||
|
219D0370000
|
heap
|
page read and write
|
||
|
4B52000
|
trusted library allocation
|
page read and write
|
||
|
219D1EB0000
|
heap
|
page read and write
|
||
|
3BB0000AC000
|
trusted library allocation
|
page read and write
|
||
|
48A000070000
|
trusted library allocation
|
page read and write
|
||
|
2630000
|
heap
|
page read and write
|
||
|
10C85000
|
trusted library allocation
|
page read and write
|
||
|
10CB7000
|
trusted library allocation
|
page read and write
|
||
|
A9520FB000
|
stack
|
page read and write
|
||
|
5D8800008000
|
trusted library allocation
|
page read and write
|
||
|
10C20000
|
trusted library allocation
|
page read and write
|
||
|
3BB000068000
|
trusted library allocation
|
page read and write
|
||
|
10B02000
|
trusted library allocation
|
page read and write
|
||
|
4DCF000
|
trusted library allocation
|
page read and write
|
||
|
10A72000
|
trusted library allocation
|
page read and write
|
||
|
772C00270000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
4810000
|
heap
|
page read and write
|
||
|
10C60000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
4E4F000
|
trusted library allocation
|
page read and write
|
||
|
250E3A27000
|
heap
|
page read and write
|
||
|
7D769FB000
|
stack
|
page read and write
|
||
|
8D82DFB000
|
stack
|
page read and write
|
||
|
4DFC000
|
trusted library allocation
|
page read and write
|
||
|
1FB4001F000
|
heap
|
page read and write
|
||
|
250E3810000
|
heap
|
page read and write
|
||
|
10BB0000
|
trusted library allocation
|
page read and write
|
||
|
6EB80008C000
|
trusted library allocation
|
page read and write
|
||
|
772C00294000
|
trusted library allocation
|
page read and write
|
||
|
29C400274000
|
trusted library allocation
|
page read and write
|
||
|
7438002B8000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
26C5000
|
heap
|
page read and write
|
||
|
743800201000
|
trusted library allocation
|
page read and write
|
||
|
10CCB000
|
trusted library allocation
|
page read and write
|
||
|
259C00260000
|
direct allocation
|
page read and write
|
||
|
29C400270000
|
trusted library allocation
|
page read and write
|
||
|
4A4D000
|
stack
|
page read and write
|
||
|
10A7B000
|
trusted library allocation
|
page read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
219D03A0000
|
heap
|
page read and write
|
||
|
10C67000
|
trusted library allocation
|
page read and write
|
||
|
10B08000
|
trusted library allocation
|
page read and write
|
||
|
743800264000
|
trusted library allocation
|
page read and write
|
||
|
250E3B02000
|
heap
|
page read and write
|
||
|
10A1A000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
21C40400000
|
heap
|
page read and write
|
||
|
4E49000
|
trusted library allocation
|
page read and write
|
||
|
4DBE000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
10C3E000
|
trusted library allocation
|
page read and write
|
||
|
42D51FC000
|
stack
|
page read and write
|
||
|
5D8800098000
|
trusted library allocation
|
page read and write
|
||
|
4C0F000
|
trusted library allocation
|
page read and write
|
||
|
10DC0000
|
trusted library allocation
|
page read and write
|
||
|
4F6F000
|
trusted library allocation
|
page read and write
|
||
|
1D96000
|
unkown
|
page readonly
|
||
|
259C00290000
|
direct allocation
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
3BB00008C000
|
trusted library allocation
|
page read and write
|
||
|
10A50000
|
trusted library allocation
|
page read and write
|
||
|
4DB8000
|
trusted library allocation
|
page read and write
|
||
|
21C404E0000
|
heap
|
page readonly
|
||
|
10CCF000
|
trusted library allocation
|
page read and write
|
||
|
10B4F000
|
trusted library allocation
|
page read and write
|
||
|
219D0700000
|
heap
|
page read and write
|
||
|
10CBD000
|
trusted library allocation
|
page read and write
|
||
|
10C90000
|
trusted library allocation
|
page read and write
|
||
|
10AFD000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
772C00210000
|
trusted library allocation
|
page read and write
|
||
|
10A10000
|
trusted library allocation
|
page read and write
|
||
|
743800294000
|
trusted library allocation
|
page read and write
|
||
|
4A70000
|
trusted library allocation
|
page read and write
|
||
|
6EB80003C000
|
trusted library allocation
|
page read and write
|
||
|
772C00294000
|
trusted library allocation
|
page read and write
|
||
|
B9931FC000
|
stack
|
page read and write
|
||
|
18DE000
|
unkown
|
page write copy
|
||
|
3BB000080000
|
trusted library allocation
|
page read and write
|
||
|
1C72B21F000
|
heap
|
page read and write
|
||
|
772C00230000
|
trusted library allocation
|
page read and write
|
||
|
43D0000
|
heap
|
page execute and read and write
|
||
|
6EB800068000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
7438002A8000
|
trusted library allocation
|
page read and write
|
||
|
743800294000
|
trusted library allocation
|
page read and write
|
||
|
772C00294000
|
trusted library allocation
|
page read and write
|
||
|
743800294000
|
trusted library allocation
|
page read and write
|
||
|
10AF0000
|
trusted library allocation
|
page read and write
|
||
|
AB1000
|
unkown
|
page execute read
|
||
|
4BB4000
|
trusted library allocation
|
page read and write
|
||
|
2564002A8000
|
trusted library allocation
|
page read and write
|
||
|
29C400220000
|
trusted library allocation
|
page read and write
|
||
|
772C002A0000
|
trusted library allocation
|
page read and write
|
||
|
4B0C000
|
trusted library allocation
|
page read and write
|
||
|
143841E0000
|
heap
|
page read and write
|
||
|
48A000058000
|
trusted library allocation
|
page read and write
|
||
|
2564002A8000
|
trusted library allocation
|
page read and write
|
||
|
10BB6000
|
trusted library allocation
|
page read and write
|
||
|
194C000
|
unkown
|
page write copy
|
||
|
4D5C000
|
trusted library allocation
|
page read and write
|
||
|
297CF400000
|
heap
|
page read and write
|
||
|
1FB40025000
|
heap
|
page read and write
|
||
|
4D52000
|
trusted library allocation
|
page read and write
|
||
|
4DAB000
|
trusted library allocation
|
page read and write
|
||
|
10B04000
|
trusted library allocation
|
page read and write
|
||
|
10C72000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
29C400250000
|
trusted library allocation
|
page read and write
|
||
|
2690000
|
direct allocation
|
page readonly
|
||
|
1E18000
|
unkown
|
page readonly
|
||
|
4B6C000
|
trusted library allocation
|
page read and write
|
||
|
29C4002A8000
|
trusted library allocation
|
page read and write
|
||
|
259C00234000
|
direct allocation
|
page read and write
|
||
|
143841C0000
|
remote allocation
|
page execute and read and write
|
||
|
48A000068000
|
trusted library allocation
|
page read and write
|
||
|
6EB800001000
|
trusted library allocation
|
page read and write
|
||
|
4AFB000
|
trusted library allocation
|
page read and write
|
||
|
4A54000
|
trusted library allocation
|
page read and write
|
||
|
2564002B4000
|
trusted library allocation
|
page read and write
|
||
|
256400264000
|
trusted library allocation
|
page read and write
|
||
|
1C72B202000
|
heap
|
page read and write
|
||
|
3BB0000C0000
|
trusted library allocation
|
page read and write
|
||
|
5D88000AC000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
6EB800044000
|
trusted library allocation
|
page read and write
|
||
|
1C72B302000
|
heap
|
page read and write
|
||
|
48A00003C000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
772C00248000
|
trusted library allocation
|
page read and write
|
||
|
256400210000
|
trusted library allocation
|
page read and write
|
||
|
4E1B000
|
trusted library allocation
|
page read and write
|
||
|
4BDB000
|
trusted library allocation
|
page read and write
|
||
|
1C72B200000
|
heap
|
page read and write
|
||
|
48A000001000
|
trusted library allocation
|
page read and write
|
||
|
297CF6E0000
|
heap
|
page readonly
|
||
|
772C00264000
|
trusted library allocation
|
page read and write
|
||
|
743800274000
|
trusted library allocation
|
page read and write
|
||
|
26A7000
|
heap
|
page read and write
|
||
|
3BB000018000
|
trusted library allocation
|
page read and write
|
||
|
22EAF9D0000
|
heap
|
page read and write
|
||
|
29C400201000
|
trusted library allocation
|
page read and write
|
||
|
4F7B000
|
trusted library allocation
|
page read and write
|
||
|
10D5F000
|
trusted library allocation
|
page read and write
|
||
|
43B0000
|
heap
|
page execute and read and write
|
||
|
3BB000001000
|
trusted library allocation
|
page read and write
|
||
|
10CD8000
|
trusted library allocation
|
page read and write
|
||
|
EDB53FE000
|
unkown
|
page readonly
|
||
|
18DE000
|
unkown
|
page read and write
|
||
|
3BB000008000
|
trusted library allocation
|
page read and write
|
||
|
1BE8000
|
unkown
|
page readonly
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
10CAF000
|
trusted library allocation
|
page read and write
|
||
|
29C400278000
|
trusted library allocation
|
page read and write
|
||
|
A951EFE000
|
stack
|
page read and write
|
||
|
256400294000
|
trusted library allocation
|
page read and write
|
||
|
4E57000
|
trusted library allocation
|
page read and write
|
||
|
29C400294000
|
trusted library allocation
|
page read and write
|
||
|
10EC0000
|
trusted library allocation
|
page read and write
|
||
|
743800270000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
10CC5000
|
trusted library allocation
|
page read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
219D0705000
|
heap
|
page read and write
|
||
|
10D68000
|
trusted library allocation
|
page read and write
|
||
|
6EB80006C000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
5D8800068000
|
trusted library allocation
|
page read and write
|
||
|
1B40000
|
unkown
|
page read and write
|
||
|
21C40200000
|
heap
|
page read and write
|
||
|
4C76000
|
trusted library allocation
|
page read and write
|
||
|
743800278000
|
trusted library allocation
|
page read and write
|
||
|
10BC8000
|
trusted library allocation
|
page read and write
|
||
|
48A00006C000
|
trusted library allocation
|
page read and write
|
||
|
14384275000
|
heap
|
page read and write
|
||
|
1C72B213000
|
heap
|
page read and write
|
||
|
743800288000
|
trusted library allocation
|
page read and write
|
||
|
10A1B000
|
trusted library allocation
|
page read and write
|
||
|
772C00260000
|
trusted library allocation
|
page read and write
|
||
|
10C6D000
|
trusted library allocation
|
page read and write
|
||
|
250E3A2F000
|
heap
|
page read and write
|
||
|
5D8800001000
|
trusted library allocation
|
page read and write
|
||
|
3BB0000A8000
|
trusted library allocation
|
page read and write
|
||
|
259C002CC000
|
direct allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
10D70000
|
trusted library allocation
|
page read and write
|
||
|
743800248000
|
trusted library allocation
|
page read and write
|
||
|
21EC000
|
stack
|
page read and write
|
||
|
1FB40000000
|
heap
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
10A50000
|
trusted library allocation
|
page read and write
|
||
|
259C00274000
|
direct allocation
|
page read and write
|
||
|
4D6A000
|
trusted library allocation
|
page read and write
|
||
|
10AA7000
|
trusted library allocation
|
page read and write
|
||
|
14384580000
|
heap
|
page read and write
|
||
|
EDB4BFE000
|
stack
|
page read and write
|
||
|
10B15000
|
trusted library allocation
|
page read and write
|
||
|
1C72B21D000
|
heap
|
page read and write
|
||
|
259C0024C000
|
direct allocation
|
page read and write
|
||
|
250E3A11000
|
heap
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
29C400260000
|
trusted library allocation
|
page read and write
|
||
|
256400278000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
14384220000
|
heap
|
page read and write
|
||
|
29C400264000
|
trusted library allocation
|
page read and write
|
||
|
29C400230000
|
trusted library allocation
|
page read and write
|
||
|
21C40500000
|
heap
|
page read and write
|
||
|
4DA5000
|
trusted library allocation
|
page read and write
|
||
|
21C40202000
|
heap
|
page read and write
|
||
|
27687A80000
|
heap
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
21C40256000
|
heap
|
page read and write
|
||
|
A951FFF000
|
stack
|
page read and write
|
||
|
48A0000AC000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
259C00210000
|
direct allocation
|
page read and write
|
||
|
22EAF8F0000
|
heap
|
page read and write
|
||
|
10C80000
|
trusted library allocation
|
page read and write
|
||
|
4E1D000
|
trusted library allocation
|
page read and write
|
||
|
3BB000058000
|
trusted library allocation
|
page read and write
|
||
|
3BB0000B8000
|
trusted library allocation
|
page read and write
|
||
|
5D8800044000
|
trusted library allocation
|
page read and write
|
||
|
22EAF8D8000
|
heap
|
page read and write
|
||
|
3BB000064000
|
trusted library allocation
|
page read and write
|
||
|
250E3920000
|
heap
|
page read and write
|
||
|
6EB8000AC000
|
trusted library allocation
|
page read and write
|
||
|
261D000
|
stack
|
page read and write
|
||
|
10AA0000
|
trusted library allocation
|
page read and write
|
||
|
259C00280000
|
direct allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
26BD000
|
heap
|
page read and write
|
||
|
5D880008C000
|
trusted library allocation
|
page read and write
|
||
|
10D3F000
|
trusted library allocation
|
page read and write
|
||
|
4CBF000
|
trusted library allocation
|
page read and write
|
||
|
250E3910000
|
heap
|
page readonly
|
||
|
1C72B190000
|
heap
|
page read and write
|
||
|
10A7F000
|
trusted library allocation
|
page read and write
|
||
|
10B07000
|
trusted library allocation
|
page read and write
|
||
|
10B3F000
|
trusted library allocation
|
page read and write
|
||
|
4BFE000
|
trusted library allocation
|
page read and write
|
||
|
4D57000
|
trusted library allocation
|
page read and write
|
||
|
7438002B8000
|
trusted library allocation
|
page read and write
|
||
|
29C400248000
|
trusted library allocation
|
page read and write
|
||
|
5D8800064000
|
trusted library allocation
|
page read and write
|
||
|
48A00008C000
|
trusted library allocation
|
page read and write
|
||
|
256400294000
|
trusted library allocation
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
2681000
|
direct allocation
|
page execute read
|
||
|
29C400238000
|
trusted library allocation
|
page read and write
|
||
|
26C5000
|
heap
|
page read and write
|
||
|
1C72B225000
|
heap
|
page read and write
|
||
|
3BB000054000
|
trusted library allocation
|
page read and write
|
||
|
297CF700000
|
heap
|
page read and write
|
||
|
4D66000
|
trusted library allocation
|
page read and write
|
||
|
21C401E0000
|
heap
|
page read and write
|
||
|
1C72B237000
|
heap
|
page read and write
|
||
|
10E47000
|
trusted library allocation
|
page read and write
|
||
|
10C8B000
|
trusted library allocation
|
page read and write
|
||
|
10A8F000
|
trusted library allocation
|
page read and write
|
||
|
772C002B4000
|
trusted library allocation
|
page read and write
|
||
|
10E40000
|
trusted library allocation
|
page read and write
|
||
|
48A000064000
|
trusted library allocation
|
page read and write
|
||
|
48A000008000
|
trusted library allocation
|
page read and write
|
||
|
4DB2000
|
trusted library allocation
|
page read and write
|
||
|
4F56000
|
trusted library allocation
|
page read and write
|
||
|
4B01000
|
trusted library allocation
|
page read and write
|
||
|
29C4002B8000
|
trusted library allocation
|
page read and write
|
||
|
10AA0000
|
trusted library allocation
|
page read and write
|
||
|
259C00240000
|
direct allocation
|
page read and write
|
||
|
256400201000
|
trusted library allocation
|
page read and write
|
||
|
259C00230000
|
direct allocation
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
14384200000
|
heap
|
page read and write
|
||
|
1FB40102000
|
heap
|
page read and write
|
||
|
256400288000
|
trusted library allocation
|
page read and write
|
||
|
297CF3D0000
|
remote allocation
|
page execute and read and write
|
||
|
4C8D000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
22EAFB80000
|
heap
|
page read and write
|
||
|
10B0D000
|
trusted library allocation
|
page read and write
|
||
|
5D88000A8000
|
trusted library allocation
|
page read and write
|
||
|
10C66000
|
trusted library allocation
|
page read and write
|
||
|
6EB800058000
|
trusted library allocation
|
page read and write
|
||
|
14384269000
|
heap
|
page read and write
|
||
|
1953000
|
unkown
|
page read and write
|
||
|
22EAFAC0000
|
heap
|
page read and write
|
||
|
2670000
|
direct allocation
|
page execute read
|
||
|
AB0000
|
unkown
|
page readonly
|
||
|
297CF502000
|
heap
|
page read and write
|
||
|
21C40241000
|
heap
|
page read and write
|
||
|
743800250000
|
trusted library allocation
|
page read and write
|
||
|
4B12000
|
trusted library allocation
|
page read and write
|
||
|
1FB3FF30000
|
heap
|
page read and write
|
||
|
10DB8000
|
trusted library allocation
|
page read and write
|
||
|
4D6D000
|
trusted library allocation
|
page read and write
|
||
|
29C400294000
|
trusted library allocation
|
page read and write
|
||
|
10BCD000
|
trusted library allocation
|
page read and write
|
||
|
4323000
|
direct allocation
|
page read and write
|
||
|
5D8800018000
|
trusted library allocation
|
page read and write
|
||
|
10CA0000
|
trusted library allocation
|
page read and write
|
||
|
250E3A13000
|
heap
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
3BB0000A8000
|
trusted library allocation
|
page read and write
|
||
|
10A50000
|
trusted library allocation
|
page read and write
|
||
|
10AF6000
|
trusted library allocation
|
page read and write
|
||
|
10E58000
|
trusted library allocation
|
page read and write
|
||
|
2564002B4000
|
trusted library allocation
|
page read and write
|
||
|
4BCB000
|
trusted library allocation
|
page read and write
|
||
|
27687A99000
|
heap
|
page read and write
|
||
|
256400248000
|
trusted library allocation
|
page read and write
|
||
|
5158000
|
trusted library allocation
|
page read and write
|
||
|
29C400294000
|
trusted library allocation
|
page read and write
|
||
|
21C42202000
|
heap
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
6EB800070000
|
trusted library allocation
|
page read and write
|
||
|
27687A10000
|
heap
|
page read and write
|
||
|
259C00250000
|
direct allocation
|
page read and write
|
||
|
250E3A41000
|
heap
|
page read and write
|
||
|
7438002A8000
|
trusted library allocation
|
page read and write
|
||
|
22EAF8B0000
|
remote allocation
|
page execute and read and write
|
||
|
250E3830000
|
heap
|
page read and write
|
||
|
4D4D000
|
trusted library allocation
|
page read and write
|
||
|
3BB000044000
|
trusted library allocation
|
page read and write
|
||
|
87A3DFE000
|
stack
|
page read and write
|
||
|
2650000
|
direct allocation
|
page read and write
|
||
|
4350000
|
trusted library allocation
|
page read and write
|
||
|
44ED000
|
heap
|
page read and write
|
||
|
29C4002B4000
|
trusted library allocation
|
page read and write
|
||
|
772C00201000
|
trusted library allocation
|
page read and write
|
||
|
431B000
|
direct allocation
|
page read and write
|
||
|
297CF413000
|
heap
|
page read and write
|
||
|
5D880003C000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
heap
|
page read and write
|
||
|
25D4000
|
heap
|
page read and write
|
||
|
7438002B4000
|
trusted library allocation
|
page read and write
|
||
|
1BE8000
|
unkown
|
page readonly
|
||
|
6EB800064000
|
trusted library allocation
|
page read and write
|
||
|
4F4D000
|
trusted library allocation
|
page read and write
|
||
|
21C42000000
|
heap
|
page read and write
|
||
|
10B1B000
|
trusted library allocation
|
page read and write
|
||
|
219D0290000
|
heap
|
page read and write
|
||
|
7438002C8000
|
trusted library allocation
|
page read and write
|
||
|
276879D0000
|
remote allocation
|
page execute and read and write
|
||
|
6EB800018000
|
trusted library allocation
|
page read and write
|
||
|
10F40000
|
trusted library allocation
|
page read and write
|
||
|
29C400210000
|
trusted library allocation
|
page read and write
|
||
|
A951DFD000
|
stack
|
page read and write
|
||
|
4E6A000
|
trusted library allocation
|
page read and write
|
||
|
21C40302000
|
heap
|
page read and write
|
||
|
4BF8000
|
trusted library allocation
|
page read and write
|
||
|
4E02000
|
trusted library allocation
|
page read and write
|
||
|
10CAD000
|
trusted library allocation
|
page read and write
|
||
|
44D1000
|
heap
|
page read and write
|
||
|
772C002B4000
|
trusted library allocation
|
page read and write
|
||
|
10AFB000
|
trusted library allocation
|
page read and write
|
||
|
4E5C000
|
trusted library allocation
|
page read and write
|
||
|
1D15000
|
unkown
|
page readonly
|
||
|
48A0000A8000
|
trusted library allocation
|
page read and write
|
||
|
48A000044000
|
trusted library allocation
|
page read and write
|
||
|
259C00294000
|
direct allocation
|
page read and write
|
||
|
22EAF8FC000
|
heap
|
page read and write
|
||
|
10C20000
|
trusted library allocation
|
page read and write
|
||
|
10DA0000
|
trusted library allocation
|
page read and write
|
||
|
140001000
|
direct allocation
|
page execute and read and write
|
||
|
5D8800080000
|
trusted library allocation
|
page read and write
|
||
|
29C400288000
|
trusted library allocation
|
page read and write
|
||
|
256400274000
|
trusted library allocation
|
page read and write
|
||
|
1C72B22E000
|
heap
|
page read and write
|
||
|
256400250000
|
trusted library allocation
|
page read and write
|
||
|
4BE1000
|
trusted library allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
1FB3FEE0000
|
remote allocation
|
page execute and read and write
|
||
|
7438002A0000
|
trusted library allocation
|
page read and write
|
||
|
3BB000070000
|
trusted library allocation
|
page read and write
|
||
|
27687A50000
|
heap
|
page read and write
|
There are 591 hidden memdumps, click here to show them.